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REMARKS/ARGUMENTS 

Favorable reconsideration of this application is respectfully requested in view of the 
above amendments and the following remarks. 

Claims 1-3, 6-8 and 11-16 remain pending in this application. By this amendment, 
Claims 1-3, 6-8 and 11-16 have been amended. As these amendments are clarifying in nature 
and made to respond to the various rejections under 35 U.S.C. § 1 12 in the Office Action, it is 
respectfully submitted that no new matter has been added. 

In the outstanding Office Action, claims 1, 2, 6, 7 and 1 1 were rejected under 35 
U.S.C. § 1 12, first paragraph, as failing to comply with the written description requirement; 
Claims 1, 2, 6, 7 and 1 1 were rejected under 35 U.S.C. § 1 12, first paragraph, as failing to 
comply with the enablement requirements; Claims 2, 3, 7, 8 and 14-16 were rejected under 35 
U.S.C. § 1 12, second paragraph, as being indefinite; and Claims 1-3, 6-8, and 1 1-16 were 
rejected under 35 U.S.C. § 103(a) as being unpatentable over Biorn (U.S. Patent No. 
6,035,398) in view of Wuidart et al. (U.S. 2003/0103629 Al, hereinafter " Wuidart ") and 
Rowe et al. (U.S. 2002/0009213 Al, hereinafter "Rowe"). 

A substitute specification is provided correcting a variety of informalities including 
the spelling of "hamming". Entry is respectfully requested. 

The rejections of Claims 1, 2, 6, 7 and 1 1 under 35 U.S.C. § 1 12, first paragraph, as 
failing to comply with the written description requirement and as failing to comply with the 
enablement requirement are respectfully traversed. It is respectfully submitted that analog to 
digital conversion is well known in the art and that one of ordinary level of skill would know 
how to perform analog to digital conversion on an analog signal. 

Wikipedia defines Hamming distance as: 

In information theory, the Hamming distance between two 
strings of equal length is the number of positions for which the 
corresponding symbols are different. Putting it another way, it 
measures the minimum number of substitutions required to 



7 



Application No. 10/553,984 

Reply to Office Action of April 6, 2009 

change one into the other, or the number of errors that 
transformed one string into the other. 

Accordingly, it is respectfully submitted that Hamming distance is a well known concept in 

the art and that one of ordinary level of skill in the art would know how to use Hamming 

distance in an analog to digital conversion with respect to a first and a second analog signal. 

Furthermore, use of Hamming distance is different from using any other number because 

another arbitrarily chosen number would not incorporate the Hamming distance. 

The Office Action asserts: 

As per claims 2 and 7, the claims teach performing the 
hamming distance between the image data and the evaluation 
patterns. However, the written description teaches performing 
the hamming distance between the variation patterns and the 
evaluations patterns. This is considered as new matter. 

This assertion is not understood. Neither Claim 2 nor Claim 7 recites "performing the 
hamming distance between the image data and the evaluation patterns". Furthermore, the 
assumption in the above quotation from the Office Action that there is a difference between 
the hamming distance between the image data and evaluation patterns and the hamming 
distance between the variation patterns and the evaluation patterns is incorrect. They are the 
same. 

Regarding the rejection of Claims 2, 3, 7, 8 and 14-16 under 35 U.S.C. § 112, second 
paragraph, as being indefinite, clarifying amendments have been made to the claims. For 
example, Claim 2, line 7, Claim 3, line 6, Claim 7, line 6 and Claim 8, line 4 have been 
amended to now recite "the plurality of predetermined evaluation patterns". Thus, it is 
respectfully submitted that the recitations in the claims are internally consistent. 

With regard to the rejection of Claims 14-16, it is respectfully submitted that the 
specification beginning at the top of page 10 clearly explains that variations in a matrix of 
imaging elements occur which are unique to an imaging device. Furthermore, it is well 
known that in a matrix array of a plurality of transducer devices that variations among the 
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individual devices inevitably occur. Such variations can occur regardless of the type of 
sensor or transducer device. 

Accordingly, in view of the above, it is respectfully requested that the rejections of the 
claims under 35 U.S.C. § 1 12, first and second paragraphs, be reconsidered and withdrawn. 

Claim 1 recites: 

an imaging unit configured to perform imaging on a target and 
to output analog first and second signals, the first signal 
including image data of an inside portion of the target, and said 
the second signal including variation patterns specific to the 
imaging unit; 

an identification unit configured to perform analog/digital 
conversion on the first signal having the image data to create 
identification information; 

a creation unit configured to perform analog/digital conversion 
on the second signal having the variation patterns to create 
encryption key information unique to the imaging unit; and 

an encryption unit configured to encrypt the identification 
information by using the encryption key information. 

Claims 6 recites similar subject matter in method format and Claim 1 1 recites similar subject 
in means-plus-function format. It is respectfully submitted that these features are neither 
disclosed by nor rendered obvious by Bjom, Wuidart, Rowe or any conceivable combination 
thereof. 

The Office Action correctly recognizes "[h]owever, Biorn does not specifically teach 
outputting of a variation patterns signal that is specific to the imaging unit or using these 
variations patterns to generate an encryption key." 

The Office Action further asserts "Wuidart discloses outputting said second signal 
including variation patterns specific to the imaging unit (Wuidart, paragraphs 11-13, 
teaches having a physical parameter of a network be used to revoke a key for that 
device.)". Applicant respectfully disagrees. 
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Wuidart describes "the use of a secret quantity coming from an integrated circuit or 
from an electronic sub-assembly element containing such a circuit." 1 Wuidart further states 
"such a secret quantity [can be used] by programs such as an encryption key." 2 Wuidart 
explains "[t]he use of an identifier coming from a physical parameter network, for example, 
to authenticate an integrated circuit chip or to code a datum that it provides, is more and more 
appreciated." 3 In Wuidart "[a] feature of the present invention is to associate with a physical 
parameter network providing a first digital word linked to the manufacturing of an integrated 
circuit at least one shift register, preferably with a linear retroaction, and to use the digital 
word provided by the shift register to form the secret quantity of the integrated circuit." 4 
Thus, in Wuidart a digital word is generated from a physical parameter of a network and 
submitted to at least one retroaction shift register to output a secret quantity. 5 

Wuidart is not directed to imaging a target. Wuidart does not output a first signal 
including an image data of an inside portion of the target and a second signal including 
variation patterns specific to the imaging unit. Therefore, Wuidart does not describe, teach, 
suggest or otherwise render obvious encrypting information on a confidential target as recited 
in the claims. That is Wuidart generates a secret quantity per se from a physical parameter of 
a network. Therefore, Wuidart in combination with Biorn fails to describe or render obvious 
the features of Claims 1, 6 and 1 1 described above. 

Rowe fails to correct the deficiencies of Biorn and Wuidart pointed out above because 
Rowe fails to describe or render obvious the features of Claims 1, 6 and 1 1 described above. 

It is respectfully submitted that Claims 2, 3, 7, 8 and 12-16 are patentable at least for 
the reasons argued with above with regard to the claims from which they depend. 



Paragraph [0002]. 

2 Paragraph [0002]. 

3 Paragraph [0004]. 
Paragraph [0041]. 
5 See Claim 1. 
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Accordingly, it is respectfully requested that the rejections of Claims 1-3, 6-8 and 11- 
16 be reconsidered and withdrawn, and that Claims 1-3, 6-8 and 1 1-16 be found allowable. 

Consequently, for the reasons discussed in detail above, no further issues are believed 
to be outstanding in the present application and the present application is believed to be in 
condition for formal allowance. Therefore, a Notice of Allowance is earnestly solicited. 

Should the Examiner deem that any further action is necessary to place this 

application in even better form for allowance, the Examiner is encouraged to contact the 

undersigned representative at the below-listed telephone number. 

Respectfully submitted, 

OBLON, SPIVAK, McCLELLAND, 
MAIER & NEUSTADT, P.C. 

Customer Number 

22850 

Tel: (703) 413-3000 Bradley D. Lytle 

Fax: (703) 413 -2220 Attorney of Record 

(osmmn 06/04) Registration No. 40,073 

Michael L. Gellner 
Registration No. 27,256 
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DESCRIPTION 



ENCRYPTION DEVICE AND ENCRYPTION METHOD 

Technical Field 

This invention relates to an encryption device and an 
encryption method and, more particularly, applied to a case of 
encrypting information (hereinafter, referred to as identification 
information) that is used to prove validly of an identification 
target . 

Background Art 

Heretofore, an encryption device adopting a secret key 
encryption method or a public key encryption method is designed to 
create encrypted identification information by performing 
prescribed encryption on identification by using encryption key 
information being stored in an internal non-volatile memory and 
send this to a decryption device. 

In this case, the encryption device ensures reliability of 
an encryption function by preventing encryption key information 
being stored in the non-volatile memory from being stolen. As a 
method of preventing the encryption key information from being 
stolen, a non-volatile memory is installed between units at a deep 
part of the encryption device, or a non-volatile memory and an 
encryption/decryption unit for encrypting encryption key 
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information only when the information is stored in the non- 
volatile memory are installed as one tip (for example, refer to 
Patent Reference 1) . 

Patent Reference 1 Japanese Patent Laid-open No. 2003-256282 

However, such an encryption device is not enough to offer 
reliability of an encryption function because not only 
installation of a non-volatile memory is complicated but also 
encryption key information cannot be prevented from being stolen 
from the non-volatile memory. 

This invention has been made in view of foregoing and 
proposes an encryption device and encryption method capable of 
improving reliability of an encryption function. 

To solve the above problem, this invention provides an 
encryption device for encrypting information on a confidential 
target with: a creation means for creating a unique parameter of 
an element group, based on a signal output from the element group 
internally having a plurality of elements as a unit; and an 
encryption means for encrypting information by using the unique 
parameter created by the creation means. 

Further, this invention provides an encryption method of 
encrypting information on a confidential target with: a first 
step of creating a unique parameter of an element group, based on 
a signal output from the element group internally having a 
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plurality of elements as a unit; and a second step of encrypting 
information by using the created unique parameter. 

As described above, according to this invention, information 
is encrypted by using a unique parameter of an internal element 
group. This means that encryption can be performed by using a 
unique parameter that third parties cannot detect, even in 
manufacturing, without previously storing the parameter in a non- 
volatile memory or the like, thereby being capable of easily 
ensuring confidentiality of identification information Dl and thus 
improving reliability of an encryption function. 

Brief Description of the Drawings 

Fig. 1 is a block diagram showing a construction of an 
identification system. 

Fig. 2 is a block diagram showing a construction of an 
encryption device according to this embodiment. 

Fig. 3 is a schematic diagram showing a construction of an 
imaging unit. 

Fig. 4 is a block diagram showing a construction of a 
decryption device . 

Best Mode for Carrying out the Invention 

One embodiment of this invention will be described in detail 
with reference to the accompanying drawings. 
( 1 ) Construction of identification system 
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Referring to Fig. 1, reference numeral 1 shows an 
identification system according to this embodiment, in which a 
plurality of encryption devices 2 (2A to 2N) serving as 
communication sources are wirelessly connected to a decryption 
device 3 serving as a communication party so that the encryption 
devices 2 and the decryption device 3 can communication 
communicate various kinds of information with each other. 

In this case, an encryption device 2 creates a 
characteristic pattern of a prescribed part of a user using this 
encryption device 2 as identification information when starting 
communication with the decryption device 3. Then the encryption 
device 2 creates encrypted identification information by 
encrypting this identification information and sends this to the 
decryption device 3. 

The decryption device 3, on the other hand, restores the 
identification information by decrypting the received encrypted 
identification information, and compares this identification 
information with corresponding registered information previously 
registered . 

The decryption device 3 continues the communication of 
information with the encryption device 2 only when it is 
determined based on the comparison result that the user using the 
encryption device 2 sending the identification information is a 
rightful registrant . 

As described above, in this identification system 1, validly 
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validity of a user using the encryption device 2 is determined by 
using body information on the user. 
(2) Construction of encryption device 

Since the encryption devices 2 (2A to 2N) are identical, the 
construction of the encryption device 2A will be now described. 

Referring to Fig. 2, the encryption device 2A is composed of 
an imaging unit 11 for imaging blood vessels inside a finger as an 
imaging target, an identification information creation unit 12 for 
creating identification information based on the imaging result of 
the imaging unit 11, an encryption unit 13 for encrypting the 
identification information, and a communication unit 14 for 
communicating information through a communication process with a 
prescribed radio communication scheme. 

This imaging unit 11 is designed to image blood vessels by 
using such a feature that light (near-infrared light) of near- 
infrared light bandwidth is specifically absorbed in 
deoxygenization hemoglobin (venous blood) or oxygenation 
hemoglobin (arterial blood) in the blood vessels. 

In actual, as shown in Fig. 3, the imaging unit 11 has one 
or two or more light sources 21 for emitting near-infrared light 
(three light sources are shown in Fig. 3) . On the light path of 
the near-infrared light which is emitted from the light sources 21, 
a first filter 22 for allowing specific light of near-infrared 
light bandwidth out of the near-infrared light to pass 
therethrough, a second filter 23 for allowing light of near- 
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infrared light bandwidth which is absorbed in venous bloods and 
its adjacent light out of light obtained via the first filter 22 
to pass therethrough, and a solid imaging element 24 are provided 
in order. 

In addition, the imaging unit 11 is provided with a 
diffusion plate S-& 2 6 at a position (hereinafter, referred to as 
out-of-light-path position) PI other than on the light path of the 
near-infrared light. This diffusion plate S-& 2 6 can move between 
the out-of-light-path position PI and a position (hereinafter, 
referred to as on-light-path position) P2 a prescribed distance 
away from the solid imaging element 24. 

Furthermore, in this imaging unit 11, a finger FG can be 
inserted between the first filter 22 and the second filter 23, and 
a shielding unit 2-6 25 for blocking the outside light in the air 
out of the light path of the near-infrared light while the finger 
FG is inserted is provided, thereby being capable of reducing 
influences of visible light and ultraviolet radiation existing out 
of the shielding unit 2-6 25 on the near-infrared light in imaging 
the blood vessels inside the finger FG. 

In this case, when the imaging unit 11 receives an imaging 
command while the finger FG is inserted between the first and 
second filters 22 and 23, it emits near-infrared light from the 
light sources 21 and irradiates the finger FG with the light via 
the first filter 22. 

Since this near-infrared light is specifically absorbed in 
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intrinsic hemoglobin in the blood vessel tissues inside the finger 
FG, the near-infrared light obtained through the finger FG enters 
the solid imaging element 24 via the second filter 23 as a blood 
vessel pattern light representing a formation pattern of the blood 
vessel tissues. 

Then the imaging unit 11 performs photoelectric conversion 
on the blood vessel pattern light with a plurality of 
photoelectric conversion elements arranged in the solid imaging 
element 24, and sends a blood vessel image signal SI created by 
the photoelectric conversion elements to the identification 
information creation unit 12 (Fig. 2). 

In this way, the imaging unit 11 can image blood vessels 
inside a body as an imaging target . 

The identification information creation unit 12 creates 
blood vessel image data by performing A/D (Analog/Digital) 
conversion on the received blood vessel image signal SI, and 
extracts blood vessels of a previously specified region from the 
blood vessel image based on the blood vessel image data. Then the 
identification information creation unit 12 creates a formation 
pattern of the extracted blood vessels as identification 
information Dl and sends this to the encryption unit 13. 

The encryption unit 13 has a memory (hereinafter, referred 
to as encryption key information memory) 13a for storing a 
plurality of encryption key information sequentially created with 
a prescribed algorithm, and selects and reads, for example, 
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encryption key information D21 corresponding to a request made 
from the decryption device 3 (Fig. 1) via the communication unit 
14, from the plurality of encryption key information D2 (D2 X to 
D2 n ) being stored in the encryption key information memory 13a. 

Then the encryption unit 13 creates encrypted identification 
information D3 by encrypting the received identification 
information Dl by using the read encryption key information D2i 
with, for example, the AES (Advanced Encryption Standard) , and 
sends this to the decryption device 3 (Fig. 1) via the 
communication unit 14. 

Since the encryption device 2A creates the identification 
information Dl representing a blood vessel formation pattern 
unique to an inside of the body in this way, direct stealing from 
a body can be prevented as compared with a case of creating 
fingerprints existing on a surface of a body as identification 
information, thus being capable of previously preventing a user 
using the encryption device 2A from pretending he/she is a 
registrant . 

(3) Encryption key information creation process 

In addition to the above configuration, this encryption 
device 2A is designed to create a plurality of encryption key 
information D2 (D2i to D2 n ) unique to this encryption device 2A 
based on a result of imaging a uniform imaging target with the 
imaging unit 11 . 

In this case, the encryption device 2A is designed to 
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perform a prescribed encryption key information creation process 
every time when receiving a creation request of encryption key 
information via the communication unit 14 from the decryption 
device 3 (Fig. 1) , and store or update the created encryption key 
information D2 in the encryption key information memory 13a of the 
encryption unit 13. An encryption key information creation unit 
15 for performing this encryption key information creation process 
will be now described . 

When the decryption device 3 makes a creation request, the 
encryption key information creation unit 15 makes the imaging unit 
11 image a uniform imaging target, and creates encryption key 
information based on a signal which is obtained as the imaging 
result . 

In actual, the encryption key information creation unit 15 
controls the diffusion plate 25 of the imaging unit 11 (Fig. 3) so 
as to move from the out-of -light-path position PI to the on-light- 
path position P2, and sends an imaging command to the imaging unit 
11. 

In this case, in the imaging unit 11 (Fig. 3), the diffusion 
plate 25 is irradiated with near-infrared light emitted from the 
light sources 21 via the first and second filters 22 and 23 in 
order, and diffuses the light toward the solid imaging element 24 
as uniform diffused light (hereinafter, referred to as uniform 
diffused light), so that the light enters the solid imaging 
element 24 . 
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This solid imaging element 24 is provided with openings and 
light collective lens corresponding to a plurality of 
photoelectric conversion elements arranged in a matrix in the 
solid imaging element 24. These openings and light collective 
lens have different sizes due to various causes in manufacturing 
and this variation is unique to the solid imaging element 24. 

Therefore, a signal (hereinafter, referred to as uniform 
image signal) S2 input to the encryption key information creation 
unit 15 (Fig. 2) as a result of performing the photoelectric 
conversion on the uniform diffused light at the solid imaging 
element 24 includes the variation unique to the solid imaging 
element 24, which cannot be known in manufacturing, as a noise 
pattern (hereinafter, referred to as variation pattern) . 

The encryption key information creation unit 15 creates 
uniform image data by performing the A/D conversion on the uniform 
image signal S2 obtained as described above, and creates a 
parameter (hereinafter, referred to as element-specific parameter) 
attribute to the unique variation pattern of the solid imaging 
element 24 based on the unique image data. 

In this embodiment, as a method of creating the element- 
specific parameter, the encryption key information creation unit 
15 calculates a humming hamming distance of a uniform image data 
and a prescribed evaluation pattern data and creates an element- 
specific parameter from the calculation result. 

Specifically, the encryption key information creation unit 
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15 has an information memory 15a storing, for example, three data 
strings which are different in humming hamming distance, as 
evaluation patterns A EV , B EV , and C EV . By using these evaluation 
patterns A EV , B EV , and C EV , taking as "X" higher-ranked uniform 
image data (hereinafter, referred to as higher-ranked uniform 
image data) of the same data length as the evaluation patterns out 
of the uniform image data, and taking an exclusive OR (XOR) as " A ", 
and with the following equation, 

dH(x, A EV ) = 2xi A Ai = Xa 

dH(x, B EV ) = Sxi'Bi = Xb (1) 

dH(x, C EV ) = Sxi^Ci = Xc 
where i = 1 to n 

the encryption key information creation unit 15 calculates the 
humming hamming distance Xa, Xb, Xc of the higher-ranked uniform 
image data Z and each of the evaluation patterns A EV , B EV , and C EV , 
and combines the humming hamming distances Xa, Xb and Xc, thereby 
creating an element-specific parameter. 

In this case, the encryption key information creation unit 
15 can keep repeatability of the element-specific parameter 
obtained due to a variation pattern even in a case where uniform 
image data varies according to the imaging situations at the time 
of imaging. This is because the element-specific parameter is 
created from correlation results between the higher-ranked uniform 
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image data X and the evaluation patterns A EV , B EV , and C EV . 

In addition, in this case, the encryption key information 
creation unit 15 creates an element-specific parameter based on a 
uniform image signal S2 output from the solid imaging element 24 
after manufacturing. Therefore, this parameter can be created as 
information which the manufacturer of the solid imaging element 24 
cannot be know. Furthermore, the element-specific parameter is 
created from a combination of correlation results with the 
evaluation patterns A EV , B EV , and C EV , not with a variation pattern 
itself of the solid imaging element 24. Therefore, this parameter 
can be created as information that the manufacturer of this solid 
imaging element 24 and a person who stole the solid imaging 
element 24 cannot know. 

Then the encryption key information creation unit 15 creates 
a plurality of encryption key information D2 (D2 X to D2 n ) with a 
prescribed algorithm with thus created element-specific parameter 
as a seed, and stores or updates the encryption key information D2 
in the encryption key information memory 13a of the encryption 
unit 13. 

As a result , the identification information Dl to be given 
to the encryption unit 13 is converted to encrypted identification 
information D3 through an encryption process using, for example, 
encryption key information D2 ± unique to this encryption device 
(solid imaging element 24), and this information is sent to the 
decryption device 3 via the communication unit 14. 
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Note that, when the encryption key information creation unit 
15 creates a plurality of new encryption key information D2 , it 
can register the plurality of new encryption key information D2 in 
a database of the decryption device 3 with a prescribed process or 
by performing a prescribed encryption process on the encryption 
key information D2 and sending the resultant to the decryption 
device 3. 

As described above, this encryption device 2 encrypts the 
identification information Dl by using the encryption key 
information D2 extracted from the element-specific parameter that 
cannot be known in manufacturing, thus making it possible to 
significantly improve reliability of an encryption function by 
strictly avoiding a user pretending a registrant from using the 
encryption device 2 . 

(4) Construction of decryption device 

The decryption device 3 is composed of a communication unit 

30 for communicating information through a communication process 
under a prescribed radio communication scheme, a requesting unit 

31 for making various requests to the encryption devices 2 (2A to 
2N) , a decryption decoding unit 32 for decrypting encrypted 
identification information D3 received via the communication unit 
30, a comparison unit 33 for performing a prescribed 
identification process by using a decryption result of the 
decryption decoding unit 32, and a registration database DB. 

This registration database DB stores the formation patterns 
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of blood vessels of the same parts as the blood vessels to be 
imaged by the imaging units 11 of the encryption devices 2 (2A to 
2N) and a plurality of encryption key information D2 obtained from 
the same element-specific parameters of the solid imaging elements 
24 of the encryption devices 2 (2A to 2N) as registration 
information D10 (Did to D10 n ) . 

In this case, the requesting unit 31 requests an encryption 
device 2 (2A to 2N) being connected via the communication unit 30, 
for various conditions for an identification process at prescribed 
timing. The conditions include the number of encryption key 
information D2 X , D2 2 , - - - , D2 n to be used out of a plurality of 
encryption key information, and other matters. In this case, the 
decryption unit 32 is notified of the number of specified 
encryption key information. 

In addition, the requesting unit 31 makes a request for 
creating encryption key information D2 if needed. In this case, 
encryption key information D2 of corresponding registration 
information Did, D10 2 , • or D10 n being registered in the 

registration database DB is updated to encryption key information 
which is newly created by the encryption device 2 and is obtained 
through a prescribed registration process or via the communication 
unit 30. 

The decryption decoding unit 32 reads registration 
information DlOi corresponding to, for example, the encryption 
device 2A from the registration database DB based on a 
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transmission source address written in the header of encryption 
identification information D3 supplied via the communication unit 
30 , and selects encryption information D2i notified from the 
requesting unit 31 out of the plurality of encryption key 
information D2i to D2 n of the registration information DlOi- 

The decryption decoding unit 32 restores the identification 
information Dl by performing the same encryption process as the 
encryption device 2A, on the encrypted identification information 
D3 by using the encryption key information D2i being selected, and 
sends the ident if ica Lion information Dl and corresponding 
registration information DlOi to the comparison unit 33. 

The comparison unit 33 compares the blood vessel formation 
pattern of the supplied identification information Dl to the blood 
vessel formation pattern of the corresponding registration 
information DlOi with a prescribed technique. If the comparison 
result cannot satisfy a prescribed matching level, the user who is 
using the encryption device 2A and sent the identification 
information Dl is determined as a third party and the 
communication unit 30 is controlled so as to stop communication of 
information with the encryption device 2A. 

When the prescribed matching level is obtained, the 
comparison unit 34 determines the user using the encryption device 
2A sending the identification information Dl as a rightful user. 
In this case, the comparison unit 33 controls the communication 
unit 30 so as to communicate information between the encryption 
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device 2A and an internal information processing unit (not shown) . 

As described above, the decryption device 3 is capable of 
performing the identification process by using the identification 
information Dl (blood vessel formation pattern) unique to a body 
and the encryption key information D2 obtained from an element- 
specific parameter unique to the solid imaging element 2 4 . 
(6) Operation and Effects of this embodiment 

According to the above configuration, this encryption device 
2 (2A to 2N) creates an element-specific parameter unique to the 
solid imaging element 24 based on a uniform image signal S2 output 
from the solid imaging element 24 as a result of imaging a uniform 
imaging target by the imaging unit 11. 

Then the encryption device 2 (2A to 2N) encrypts the 
identification information Dl by using the prescribed encryption 
key information D2 obtained from the element-specific parameter. 

Therefore, the encryption device 2 (2A to 2N) is capable of 
creating encryption key information D2 obtained from the element- 
specific parameter, which can not be known by third parties even 
in manufacturing, without previously storing encryption keys in a 
non-volatile memory, unlike conventional systems, resulting in 
being capable of ensuring confidentiality of the identification 
information Dl easily . 

According to the above configuration, an element-specific 
parameter unique to the solid imaging element 24 is created based 
on a uniform image signal S2 output from the solid imaging element 
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24 as a result of imaging a uniform imaging target, and the 
identification information Dl is encrypted with prescribed 
encryption key information D2 obtained from the element-specific 
parameter, thus being capable of ensuring confidentiality of the 
identification information Dl easily and improving reliability of 
the encryption function. 
( 6) Other embodiments 

Note that the above embodiment has described a case where a 
creation means for creating a unique parameter of an element group 
based on a signal output from the element group internally having 
a plurality of elements as a unit creates an element-specific 
parameter unique to the solid imaging element 24 based on a 
uniform image signal S2 output from a plurality of photoelectric 
conversion elements arranged in the solid imaging element 24. 
This invention, however, is not limited to this and a unique 
parameter can be created based on a signal output from, for 
example, a piezoelectric element group of a touch pad. 
Alternatively, a unique parameter of an element group having a 
group of active elements or passive elements as a unit can be 
created . 

In this case, even if the element group is composed of one 
or plural kinds of elements, the same effects as the above 
embodiment can be obtained. 

Further, the above embodiment has described a case where the 
creation means creates a unique parameter by directly calculating 
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humming hamming distances (correlation values) between data of the 
uniform image signal S2 output from an element group and three 
different evaluation patterns A EV , B EV , and C EV being stored in an 
information memory serving as a storage means and combining the 
calculation results in a prescribed order. This invention, 
however, is not limited to this and FFT (Fast Fourier Transform) 
can be performed on data of the uniform image signal S2 and 
calculation results of humming hamming distances of this result 
and the evaluation patterns A EV , B EV , and C EV can be combined. 
Alternatively, an inverse FFT can be performed on only data of low 
frequency components out of a result of the FFT, and the results 
of humming hamming distances of the FFT result and the evaluation 
patterns A EV , B EV , and C EV can be combined. Or these processing 
results can be combined. By doing this, a unique parameter with 
high confidentiality and repeatability can be created, thus making 
is possible to significantly improve reliability of the encryption 
function . 

In this case, the encryption key information creation unit 
15 makes the imaging unit 11 image the diffusion plate 25 and 
creates a unique parameter as encryption key information based on 
a signal obtained as the imaging result. This invention, however, 
is not limited to this and the imaging unit 11 can image another 
uniform imaging target other than the diffusion plate 25, or only 
a unique parameter can be created without creating the encryption 
key information. In short, another kind of creation unit for 
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creating a unique parameter can be used . 

In addition, in this case, encryption key information is 
created every time when a request for creating encryption key 
information is received from the decryption device 3 via the 
communication unit 14. This invention, however, is not limited to 
this and other creation timing can be used, such as only 
manufacturing time . 

Further, as an evaluation pattern, a prescribed evaluation 
pattern is stored in an information memory. This invention, 
however, is not limited to this and a plurality of evaluation 
patterns are stored in the information memory and a prescribed 
number of evaluation patterns can be selected from these 
evaluation patterns. Alternatively, a different evaluation 
pattern is selected according to a request of the decryption 
device 3. Alternatively, an evaluation pattern created with a 
prescribed algorithm at prescribed timing can be stored in the 
information memory. By doing this, even if identification 
information Dl is stolen or even if an evaluation pattern is 
decrypted from encryption key information, corresponding 
evaluation pattern cannot be used, thus making it possible to 
significantly improve reliability of the encryption function. 

Furthermore, three kinds of evaluation patterns are stored 
in the information memory as the number of evaluation patterns. 
This invention, however, is not limited to this and the same 
effects as the above embodiment can be obtained, provided that at 
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least two evaluation patterns are stored in the information memory . 

Furthermore, the above embodiment has described a case where 
the encryption unit 13 for encrypting identification information 
Dl comprising a blood vessel formation pattern by using encryption 
key information extracted from a unique parameter is applied as an 
encryption means for encrypting information by using a unique 
parameter. This invention, however, is not limited to this and an 
encryption unit for encrypting the identification information Dl 
by using a unique parameter can be applied . 

In this case, a blood vessel formation pattern in a body is 
encrypted as identification information Dl . This invention, 
however, is not limited to this and another kind of body 
information such as characteristic pattern existing on a body 
surface, such as fingerprints, can be encrypted as identification 
information. In addition, not identification information nor body 
information but information which is a confidential target can be 
encrypted . 

Industrial Usability 

This invention can be used for terminal devices such as 
personal computers and portable telephones, and household 
electronic devices in a case of making external devices identify 
the devices themselves. 
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